Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
CryptoLocker is a Trojan ransomware that allegedly encrypts files on an affected system and demands ransom for recovering the data back. It first appeared on the Internet in 2013 and was targeted at Windows-based computers.
CryptoLocker spreads by way of compromised email attachments or through a botnet. Once downloaded and activated, it looks for certain file types to encrypt using RSA public key cryptography and then sends the private key to some remote servers. It then demands the system owner to pay a ransom in order to decrypt or recover his/her affected files; failure to do so will result in losing the private key.
While the malware itself is not difficult to remove, the affected files remain encrypted. At the time of the initial outbreak, users without reliable backups had the choice of paying the ransom — and hoping that those behind the infection were honest enough to actually decrypt the affected files — or simply accepting their data as lost. However, there are now online tools that claim to have the ability to decrypt files that have been encrypted by CryptoLocker.